Fixes: #2669 forceSSL doesn't work

7fffb19e · Côme Bernigaud · Benoit Mortier · aee38770 · 7fffb19e · 7fffb19e
Commit 7fffb19e authored 11 years ago by Côme Bernigaud Committed by Benoit Mortier 11 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 28 additions and 17 deletions
+28 -17
--- a/html/index.php
+++ b/html/index.php
@@ -188,20 +188,6 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") {
  @DEBUG (DEBUG_TRACE, __LINE__, __FUNCTION__, __FILE__, $lang, "Setting language to");
 }

-/* Check for SSL connection */
-$ssl = "";
-if (!isset($_SERVER['HTTPS']) ||
-    !stristr($_SERVER['HTTPS'], "on")) {
-
-  if (empty($_SERVER['REQUEST_URI'])) {
-    $ssl = "https://".$_SERVER['HTTP_HOST'].
-      $_SERVER['PATH_INFO'];
-  } else {
-    $ssl = "https://".$_SERVER['HTTP_HOST'].
-      $_SERVER['REQUEST_URI'];
-  }
-}
-
 /* Do we have htaccess authentification enabled? */
 $htaccess_authenticated = FALSE;
 if ($config->get_cfg_value("htaccessAuthentication") == "TRUE" ) {
@@ -234,7 +220,7 @@ if (!$htaccess_authenticated) {
 $config->set_current($server);

 /* If SSL is forced, just forward to the SSL enabled site */
-if ($config->get_cfg_value("forcessl") == "TRUE" && $ssl != '') {
+if (($config->get_cfg_value("forcessl") == "TRUE") && ($ssl != '')) {
  header ("Location: $ssl");
  exit;
 }

--- a/html/main.php
+++ b/html/main.php
@@ -62,6 +62,13 @@ if ($_SERVER['REMOTE_ADDR'] != $ui->ip) {
  exit;
 }
 $config = session::global_get('config');
+
+/* If SSL is forced, just forward to the SSL enabled site */
+if (($config->get_cfg_value("forcessl") == "TRUE") && ($ssl != '')) {
+  header ("Location: $ssl");
+  exit;
+}
+
 timezone::get_default_timezone();

 /* Check for invalid sessions */

--- a/html/recovery.php
+++ b/html/recovery.php
 <?php
-
 /*
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
-  Copyright (C) 2003-2010  Cajus Pollmeier
  Copyright (C) 2011-2013  FusionDirectory

  This program is free software; you can redistribute it and/or modify
@@ -24,6 +22,15 @@ require_once("../include/php_setup.inc");
 require_once("functions.inc");
 require_once("variables.inc");

+$config = session::global_get('config');
+
+/* If SSL is forced, just forward to the SSL enabled site */
+if (($config->get_cfg_value("forcessl") == "TRUE") && ($ssl != '')) {
+  header ("Location: $ssl");
+  exit;
+}
+
+
 $pwRecovery = new passwordRecovery();

 $pwRecovery->execute();

--- a/include/php_setup.inc
+++ b/include/php_setup.inc
@@ -297,4 +297,14 @@ if (defined('SMARTY_PHP_REMOVE')) {
 } else {
    $smarty->php_handling = Smarty::PHP_REMOVE;
 }
+
+/* Check for SSL connection */
+$ssl = "";
+if (!(isset($_SERVER['HTTPS']) && stristr($_SERVER['HTTPS'], "on"))) {
+  if (empty($_SERVER['REQUEST_URI'])) {
+    $ssl = "https://".$_SERVER['HTTP_HOST'].$_SERVER['PATH_INFO'];
+  } else {
+    $ssl = "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
+  }
+}
 ?>
--- a/setup/class_setupStep_Config3.inc
+++ b/setup/class_setupStep_Config3.inc
@@ -221,6 +221,7 @@ class Step_Config3 extends setup_step
    $attrs['fdListSummary'] = ($this->optional['list_summary']?"TRUE":"FALSE");
    $attrs['fdLdapStats']   = ($this->optional['ldapstats']?"TRUE":"FALSE");
    $attrs['fdWarnSSL']     = ($this->optional['warnssl']?"TRUE":"FALSE");
+    $attrs['fdForceSSL']    = ($this->optional['forcessl']?"TRUE":"FALSE");

    if ($cv['pwd_rules']['pwminlen_active']) {
      $attrs['fdPasswordMinLength'] = $cv['pwd_rules']['pwminlen'];